While cloud technology offers significant benefits in scalability, flexibility and stability, data security remains a real challenge. In one cybersecurity vendor's survey, over 63 per cent of IT personnel reported that security is the top concern in their cloud strategy.
Many analyst hours are spent investigating alerts, most of which turn out to be benign but none of which can be ignored. Cybersecurity teams are often stretched thin trying to make sure they miss nothing.
6 cloud security threats and how to manage them
1. Data breach
Cloud data breaches cost organizations millions in time and money. A breach can mean data loss or theft, and it damages both the integrity and the confidentiality of the data. Breaches usually stem from weak management of the identities and credentials used to reach data: phishing, pretexting, registration systems that are too easy to abuse, and insecure APIs.
Organizations are aware of the damage a breach can cause and are constantly looking for tools and practices to reduce the risk. While breaches have increased in recent years, it is not cloud technology itself that has worsened the problem but immature security practices. Lack of visibility into cloud workloads is a key cause: an overwhelming majority (93 per cent) of surveyed respondents worldwide said they had trouble keeping track of all their cloud workloads.
Best practices: steps to reduce the risk of a data breach include:
- Set up strict cloud usage and permission policies, with multi-factor authentication at every access gateway
- Implement data access governance and reduce access to sensitive data
- Implement data discovery to enable identification and classification of business critical and sensitive data
- Enable user behaviour analytics so that any anomalous activity can be quickly spotted
- Build an efficient data remediation process so that any issue that puts sensitive data at risk can be quickly managed
- Enable centralised logging so that investigators can reach all the necessary logs from one place.
2. Misconfigurations
Most misconfigurations are the result of human error. The most common ones are excessive permissions and over-broad data sharing, both of which overexpose sensitive data; old and unused accounts left active; security settings that are not managed consistently; and encryption that has been switched off. All of these leave data in an insecure state.
Best practices:
- Define baseline configurations and check regularly for drift from them
- Monitor and investigate any unplanned changes
- Regularly review user permissions and revoke any inappropriate or excessive access rights.
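The three practices above (a baseline, drift detection, and periodic review of permissions and stale accounts) can be turned into a small automated check. The following is an added example written for this article, not code from the page or from Cloud Kinetics. The inventory is a constructed, Azure-style set of records (storage accounts, NSG rules, role assignments); the field names, resource names and the baseline thresholds (90 idle days, admin ports 22 and 3389) are assumptions chosen for illustration, and in practice the inventory would come from the cloud provider's API or from Terraform state.

```python
"""Baseline configuration check over a constructed cloud inventory.

Hypothetical Azure-style resource records (not real tenant data) are
compared against a small baseline; every deviation becomes a finding.
"""
import ipaddress
from datetime import datetime, timedelta, timezone

# Constructed inventory: compliant records alongside deliberate deviations.
NOW = datetime(2024, 1, 15, tzinfo=timezone.utc)

INVENTORY = {
    "storage_accounts": [
        {"name": "stprodlogs", "https_only": True, "encryption": True, "public_blob_access": False},
        {"name": "stlegacydata", "https_only": False, "encryption": False, "public_blob_access": True},
    ],
    "nsg_rules": [
        {"nsg": "nsg-web", "name": "allow-https", "direction": "Inbound", "access": "Allow",
         "source": "0.0.0.0/0", "dest_port": "443"},
        {"nsg": "nsg-web", "name": "allow-rdp-any", "direction": "Inbound", "access": "Allow",
         "source": "0.0.0.0/0", "dest_port": "3389"},
        {"nsg": "nsg-db", "name": "allow-ssh-corp", "direction": "Inbound", "access": "Allow",
         "source": "10.20.0.0/16", "dest_port": "22"},
    ],
    "role_assignments": [
        {"principal": "alice@example.com", "type": "User", "role": "Reader",
         "scope": "/subscriptions/sub-1", "last_sign_in": NOW - timedelta(days=3)},
        {"principal": "sp-ci-pipeline", "type": "ServicePrincipal", "role": "Owner",
         "scope": "/subscriptions/sub-1", "last_sign_in": NOW - timedelta(days=1)},
        {"principal": "bob.contractor@example.com", "type": "User", "role": "Contributor",
         "scope": "/subscriptions/sub-1/resourceGroups/rg-app", "last_sign_in": NOW - timedelta(days=200)},
    ],
}

# Baseline: the settings every resource must satisfy (assumed thresholds).
BASELINE = {
    "storage": {"https_only": True, "encryption": True, "public_blob_access": False},
    "admin_ports": {"22", "3389"},
    "max_idle_days": 90,
    "privileged_roles": {"Owner", "User Access Administrator"},
}


def _is_any_source(cidr: str) -> bool:
    # Treat 0.0.0.0/0, '*' and 'Internet' as "anywhere on the internet".
    if cidr in ("*", "Internet"):
        return True
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False


def check_storage(accounts):
    """One finding per storage setting that differs from the baseline."""
    findings = []
    for acct in accounts:
        for key, expected in BASELINE["storage"].items():
            if acct.get(key) != expected:
                findings.append(("storage", acct["name"],
                                 f"{key} is {acct.get(key)!r}, baseline requires {expected!r}"))
    return findings


def check_nsg(rules):
    """Flag inbound Allow rules that expose an admin port to any source."""
    findings = []
    for r in rules:
        if (r["direction"] == "Inbound" and r["access"] == "Allow"
                and r["dest_port"] in BASELINE["admin_ports"] and _is_any_source(r["source"])):
            findings.append(("nsg", f'{r["nsg"]}/{r["name"]}',
                             f'admin port {r["dest_port"]} open to {r["source"]}'))
    return findings


def check_role_assignments(assignments, now=NOW):
    """Flag stale principals and service principals holding privileged roles."""
    findings = []
    for a in assignments:
        idle = (now - a["last_sign_in"]).days
        if idle > BASELINE["max_idle_days"]:
            findings.append(("rbac", a["principal"],
                             f"no sign-in for {idle} days; review or revoke {a['role']}"))
        if a["type"] == "ServicePrincipal" and a["role"] in BASELINE["privileged_roles"]:
            findings.append(("rbac", a["principal"],
                             f"service principal holds {a['role']} at {a['scope']}"))
    return findings


def audit(inventory, now=NOW):
    return (check_storage(inventory["storage_accounts"])
            + check_nsg(inventory["nsg_rules"])
            + check_role_assignments(inventory["role_assignments"], now))


if __name__ == "__main__":
    for kind, resource, detail in audit(INVENTORY):
        print(f"[{kind}] {resource}: {detail}")
```

Run on a schedule against a fresh inventory export, the findings list is the "slippage" the second bullet asks you to investigate; an empty list on every run is the evidence that the baseline still holds.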
3. Insider threats
These may be intentional or accidental. Insiders include employees as well as contractors, partners and suppliers who hold inappropriate access to sensitive data. Threats include abuse of privileges and compromised VPNs, routers, privileged accounts and service accounts. Organisations without enough visibility into usage and activity across their cloud storage systems are especially at risk.
Best practices:
- Change access permissions as soon as there is a personnel change
- Track user activity, especially failed access attempts
- Monitor privileged and service accounts closely, since they should be used sparingly
- Build a behavioural profile of every user and track usage against it. Attempts to gain more permissions or to use disabled accounts are red flags.
4. Account hijacking
There are too many ways to steal or break into accounts to list here. Privileged accounts and subscription services are especially at risk.
Best practices:
- Train employees on how to prevent account hijacking
- Insist on strong passwords and implement multi-factor authentication
- Control access, monitor user behaviour and remove unused accounts
- Revoke excessive access to information
- Practise the principle of least privilege (POLP) to help increase security.
5. Denial of service attacks
Such an attack makes it difficult to deliver the service. The traffic can originate from a single source or from many. During an attack the system is overwhelmed by so many requests that legitimate users cannot reach it. Newer variants apply AI and ML techniques.
Best practices:
- Implement content filters
- Use a web application firewall to protect web-facing applications
- Use load balancing and monitor traffic so that irregularities are easy to spot
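"Identify traffic irregularities" in the last bullet means comparing each time window against normal load, and the single-source versus multi-source distinction in the text decides the response (block one address, or absorb and filter). The following is an added example for this article, not code from the page or from Cloud Kinetics. The access log is generated inside the block for illustration; the one-minute window, the 5x spike factor, the floor of 20 requests per minute and the 80 per cent single-source share are assumed thresholds to tune against real traffic.

```python
"""Request-rate irregularity detection over a constructed access log.

Traffic is generated here for illustration; the per-window baseline and the
single-source versus distributed classification are the point of the example.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

WINDOW = timedelta(minutes=1)
SPIKE_FACTOR = 5            # a window is irregular above 5x the baseline median ...
MIN_BASELINE = 20           # ... where the baseline is never taken below this count
SINGLE_SOURCE_SHARE = 0.8   # one source sending >= 80% of a flood counts as single-source


def make_log():
    """Constructed log: 10 quiet minutes, then a single-source flood, then a distributed one."""
    start = datetime(2024, 1, 15, 12, 0)
    lines = []
    for minute in range(10):            # baseline: 12 requests/min from 4 known clients
        for i in range(12):
            ts = start + timedelta(minutes=minute, seconds=i * 5)
            lines.append(f"{ts:%Y-%m-%dT%H:%M:%SZ} 10.0.0.{i % 4 + 1} GET /api/items 200")
    flood1 = start + timedelta(minutes=10)   # 300 requests from one address
    for i in range(300):
        ts = flood1 + timedelta(milliseconds=i * 200)
        lines.append(f"{ts:%Y-%m-%dT%H:%M:%SZ} 203.0.113.9 GET /login 429")
    flood2 = start + timedelta(minutes=11)   # 300 requests spread over 150 addresses
    for i in range(300):
        ts = flood2 + timedelta(milliseconds=i * 200)
        lines.append(f"{ts:%Y-%m-%dT%H:%M:%SZ} 198.51.100.{i % 150} GET /search 503")
    return lines


def bucket(lines):
    """Count requests per window and per (window, source)."""
    per_window = Counter()
    per_source = defaultdict(Counter)
    for line in lines:
        ts_str, src = line.split(" ", 2)[:2]
        ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ")
        w = ts.replace(second=0, microsecond=0)   # truncate to the one-minute WINDOW
        per_window[w] += 1
        per_source[w][src] += 1
    return per_window, per_source


def find_irregular(lines):
    """Return one finding per window whose request count is far above the rolling baseline."""
    per_window, per_source = bucket(lines)
    findings, history = [], []
    for w in sorted(per_window):
        count = per_window[w]
        if history:
            baseline = max(median(history), MIN_BASELINE)
            if count > SPIKE_FACTOR * baseline:
                src, top = per_source[w].most_common(1)[0]
                share = top / count
                findings.append({
                    "window": w, "count": count, "baseline": baseline,
                    "kind": "single-source" if share >= SINGLE_SOURCE_SHARE else "distributed",
                    "top_source": src, "top_share": round(share, 2),
                    "sources": len(per_source[w]),
                })
                continue          # do not let the flood itself poison the baseline
        history.append(count)
    return findings


if __name__ == "__main__":
    for f in find_irregular(make_log()):
        print(f"{f['window']:%H:%M} {f['kind']}: {f['count']} req vs baseline {f['baseline']} "
              f"from {f['sources']} source(s), top {f['top_source']} at {f['top_share']:.0%}")
```

Flagged windows are deliberately excluded from the baseline history, otherwise a sustained flood would raise the median and hide itself within a few minutes.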
6. Malware
Malware can infect cloud servers just as it infects any on-premises system.
Best practices:
- Practise regular data backups
- Use advanced firewalls and antivirus software tools
- Train employees on safe browsing and downloading
- Monitor activity.
Mitigate data security challenges with a comprehensive security platform
A security platform can help mitigate data security challenges by providing a comprehensive set of capabilities, including centralized management, automated compliance, threat detection and response, data encryption, access control and continuous monitoring.
At Cloud Kinetics, we have developed a proprietary platform, Arcus CMP, to mitigate the challenges of cloud and data security for our clients. With the Arcus Cloud Management Platform, clients get a clear and transparent view of their cloud assets. It also lets users deploy fully configured stacks or applications on public clouds such as AWS, Azure and GCP through a user-friendly interface without compromising visibility, governance and control.
How Cloud Kinetics enabled secure cloud adoption for a leading bank
Cloud Kinetics worked with a leading bank in Singapore on cloud adoption and on adherence to its governance policies and industry compliance standards, including ISO. As part of this security and compliance requirement, the bank identified more than 150 security controls and required them to be implemented on Azure.
Cloud Kinetics implemented the security control and governance framework for the customer on Azure and automated the whole setup with Terraform, including the following:
- Automated creation of Azure resources (VNet, NSG rules, storage accounts, Key Vault and RBAC) through Terraform
- Set up and configured alerts based on the Secure DevOps Kit for Azure framework
- Created custom RBAC roles and automated them via scripts
- Monitored and remediated events and deviations
As part of the solution, Cloud Kinetics set up governance policies for proactive monitoring and alerting, and enabled the bank to create Azure resources through automated deployments.
The highlights of the cloud adoption drive
- Complete automation of 150+ security controls in line with ISO and other compliance requirements
- Separation of resources into clusters, enabling easier automation of network, server and other infrastructure components
- Complete remediation of incidents, deviations and events through automated response
- Implementation with open-source, cross-platform tools (Terraform, Cloud Custodian), ensuring reusability and easy maintenance.
If your cloud security team has similar concerns, talk to our experts and find customized solutions to tackle them.